Get FREE 12-month access to the AI-Powered Knowledge Base worth $450
with your ISO 27001 toolkit purchase
Limited-time offer – ends June 27, 2024

Expert Advice Community

Guest

Asset inventory and risk assessment

  Quote
Guest
Guest user Created:   Dec 22, 2016 Last commented:   Dec 22, 2016

Asset inventory and risk assessment

1 - Is it recommended to fill in the INVENTORY OF ASSETS right after RISK ASSESSMENT?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Dec 22, 2016

Answer: Actually, the inventory of assets is not needed, especially when companies are implementing the standard for the first time - it is enough to develop a list of assets in the Risk assessment table, and once this is done this list is simply copied to Inventory of assets.

2 - Also whenever ASSETS in RISK ASSESSMENT TABLE are reviewed the INVENTORY OF ASSETS TABLE as per Annexure is reviewed, is that so?

Answer: Your understanding is correct. Sometimes a risk review identify assets that were not accounted, so the inventory of assets should be updated to include these new assets.

This article will provide you further explanation about asset inventory and risk assessment:
- ISO 27001 risk assessment: How to match assets, threats and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/
- How to handle Asset register (Asset inventory) according to ISO 27001 https://a dvisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/

These materials will also help you regarding asset inventory and risk assessment:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 22, 2016

Dec 22, 2016